CVE-2023-43633: EVE's Debug Functions Unlockable Without Triggering Measured Boot
On boot, Pillar checks for /config/GlobalConfig/global.json and overrides system configuration if present. This allows enabling debug functions like SSH (debug.enable.ssh), USB keyboard (debug.enable.usb), and VNC access (app.allow.vnc) without triggering the measured boot. Thus, a user with physical access can take out the disk and modify the content of this file in the /config partition and then re-insert the disk.
References
- asrg.io/security-advisories/cve-2023-43633
- asrg.io/security-advisories/debug-functions-unlockable-without-triggering-measured-boot
- github.com/advisories/GHSA-4c4v-42hc-72p6
- github.com/lf-edge/eve
- github.com/lf-edge/eve/commit/5fef4d92e75838cc78010edaed5247dfbdae1889
- github.com/lf-edge/eve/commit/aa3501d6c57206ced222c33aea15a9169d629141
- github.com/lf-edge/eve/security/advisories/GHSA-4c4v-42hc-72p6
- nvd.nist.gov/vuln/detail/CVE-2023-43633
Code Behaviors & Features
Detect and mitigate CVE-2023-43633 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →